Information Systems Security Officer (ISSO) III (Remote)

OneZero Solutions•Virginia Beach, VA

11d•Remote

About The Position

As a USCG Information Systems Security Officer (ISSO) at OneZero Solutions, you will play a crucial role in supporting our USCG customers in Portsmouth, VA. Your responsibilities will focus on ensuring the security and compliance of information systems within the Department of Homeland Security (DHS). Specifically, you will be involved in the following areas: Risk Management Framework (RMF): You will execute the RMF process to achieve and maintain Authority to Operate (ATO) security authorizations for USCG mission systems. Continued Security Compliance: Through the execution of prescribed and ad hoc ISCM tasks, you will deliver cybersecurity compliance throughout the engineering lifecycle for the systems under our purview. Security Assessments and Audits: Conduct security assessments, identify vulnerabilities, and recommend corrective actions. Incident Response: Monitor security events and incidents, investigate suspicious activity, and take appropriate action to mitigate risks. Security Awareness and Training: Manage security awareness and training programs for DHS personnel. Collaboration: Work closely with IT engineering teams and program stakeholders to integrate security controls into system development and implementation processes. Program Relevance: Keep abreast of evolving security threats, vulnerabilities, and industry best practices and work with program stakeholders to enhance and maintain program relevancy and improve efficiency. Documentation: Document security policies, procedures, and activities.

Requirements

7+ years of direct experience serving as an Information Systems Security Officer (ISSO) within the DoD/Federal Government.
Working knowledge of the DoD eMASS GRC tool and workflows
Demonstrated understanding of information security principles and best practices, including network security, system security, encryption, and incident response.
Proficiency in various security assessment methodologies, standards, and tools, including DoD RMF System Security Assessment and Authorization (SA&A), Vulnerability Management and Continuous Monitoring, and FISMA Compliance, and STIG Hardening
Experience with relevant security frameworks and standards, such as NIST Cybersecurity Framework, FISMA, RMF, FedRAMP, and DoD control overlays
Documented in experience in the assessment of Platform IT and OT systems and environments.
Excellent analytical and problem-solving skills.
Strong written and verbal communication skills.
Ability to work independently and as part of a team.
Must local to the Hampton Roads Virginia area.
Must be willing to go on site for critical meetings and work to be performed at the classified level.
One or more of the following certifications: CISM, CISSP, GSLC

Nice To Haves

Bachelor's degree or higher in Cyber Security or other Information Technology field of study

Responsibilities

Execute the RMF process to achieve and maintain Authority to Operate (ATO) security authorizations for USCG mission systems.
Deliver cybersecurity compliance throughout the engineering lifecycle for the systems under our purview through the execution of prescribed and ad hoc ISCM tasks.
Conduct security assessments, identify vulnerabilities, and recommend corrective actions.
Monitor security events and incidents, investigate suspicious activity, and take appropriate action to mitigate risks.
Manage security awareness and training programs for DHS personnel.
Work closely with IT engineering teams and program stakeholders to integrate security controls into system development and implementation processes.
Keep abreast of evolving security threats, vulnerabilities, and industry best practices and work with program stakeholders to enhance and maintain program relevancy and improve efficiency.
Document security policies, procedures, and activities.